Abstract
With the rapid development of intelligent applications, many Internet of Things (IoT) devices are deployed in various application scenarios, playing an extremely important role. Remote attestation is an important method to ensure the software integrity of these devices and protect them from several attacks. Due to the lack of security hardware and no support of hardware extensions for Class-1 IoT devices, it is particularly important to design a suitable remote attestation scheme for these devices. In this paper, we first propose the delayed observation mechanism to alleviate the problem that the software-based remote attestation scheme is not suitable for wireless networks. At the same time, we propose a "filling memory at attestation-time" mechanism, which solves the problem that attackers hide malicious code through return-oriented programming. Finally, we introduce a reputation mechanism to assist our attestation, and adopt the principle of "making higher-performance verification nodes take on more work" to greatly reduce the time-consuming attestation. We analyze the security of the scheme and implement it on a UNO-R3 development board to prove its practicability and effectiveness. Compared with traditional software-based attestation schemes, our scheme can reduce the attestation time and resist proxy attacks.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: IEEE Transactions on Dependable and Secure Computing
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
